Thursday, May 21, 2026

OIC - User Access Provisioning & Revocation Between CORS and OPC

Introduction

In enterprise environments, user access management between external systems and Oracle platforms is a common integration requirement. In this use case, we implemented an automated solution using Oracle Integration Cloud to provision and revoke user access between CORS and OPC.

The integration supports two major flows:

OPC to CORS Sync Flow

- Scheduled integration
- Extracts users, departments, and groups from OPC
- Generates files and sends them to SFTP for CORS pickup

CORS to OPC Access Management Flow

- REST-based integration
- Receives user/group/department details from CORS
- Creates users and assigns access in OPC
- Returns failed group assignment responses

This architecture helped automate access governance, reduce manual intervention, and improve synchronization accuracy across systems.

Flow 1 – OPC to CORS Synchronization

Requirement

CORS requires periodic synchronization data from OPC containing:

- User details
- Department mappings
- Department-group mappings
- Department-group-user mappings

The files need to be generated automatically and placed in an SFTP location for CORS consumption.

Solution Design

We implemented a Scheduled Integration in Oracle Integration Cloud.

High-Level Steps

1. Scheduler triggers the integration periodically
2. OIC calls OPC APIs and retrieves an authentication token
3. Fetches:
   - Departments
   - Department and group mappings
   - Department-group-user mappings
4. Generates 3 outbound files
5. Uploads files to OIC SFTP location
6. CORS picks up the files from SFTP

Integration Flow

Step 1 – Scheduler Trigger

A scheduled orchestration integration was configured to run at defined intervals.

Example:

- Every 1 hour
- Daily batch sync
- Based on business requirement

Step 2 – OPC Authentication

The integration first invokes OPC authentication APIs to retrieve access tokens.

This token is then used for all subsequent OPC REST API calls.

Step 3 – Fetch Department and Group Details

Multiple REST calls were made to OPC APIs:

APIs Used

- Get Departments
- Get Groups by Department
- Get Users by Group and Department

The data was staged and transformed inside OIC.

Step 4 – Generate Output Files

Three files were generated:

| File | Description |
| --- | --- |
| Department File | Contains department details |
| Department-Group File | Contains group mapping information |
| Department-Group-User File | Contains user assignment details |

Files were generated in CSV format.
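The following is an added example, not code from the original integration: it flattens a staged department/group/user hierarchy into the three CSV files described above. The payload shape, column names and file names are assumptions. Note that an empty group still appears in the department-group file even though it contributes no rows to the user file.

```python
import csv
import io

# Constructed sample of what the three OPC calls might return once staged
# (field names and shape are assumptions; the post does not show payloads).
OPC_DATA = [
    {"id": "D10", "name": "Finance, EMEA", "groups": [
        {"name": "Finance_Admin", "users": ["ABC123", "XYZ789"]},
        {"name": "Finance_Viewer", "users": []},
    ]},
    {"id": "D20", "name": "Legal", "groups": []},
]

def to_csv(header, rows):
    """Serialise rows with the csv module so commas and quotes are escaped."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(header)
    writer.writerows(sorted(set(rows)))  # de-duplicate, deterministic order
    return buf.getvalue()

def build_files(departments):
    """Return {file name: CSV text} for the three outbound files."""
    dept_rows, group_rows, user_rows = [], [], []
    for dept in departments:
        dept_rows.append((dept["id"], dept["name"]))
        for group in dept["groups"]:
            group_rows.append((dept["id"], group["name"]))
            for user in group["users"]:
                user_rows.append((dept["id"], group["name"], user))
    return {  # file names below are hypothetical
        "departments.csv": to_csv(
            ("department_id", "department_name"), dept_rows),
        "department_groups.csv": to_csv(
            ("department_id", "group_name"), group_rows),
        "department_group_users.csv": to_csv(
            ("department_id", "group_name", "user_id"), user_rows),
    }
```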

Step 5 – Upload Files to SFTP

Using the OIC FTP/SFTP Adapter, the files were uploaded to the designated SFTP location.

The CORS system then picked up the files for downstream processing.

Benefits of Flow 1

- Fully automated synchronization
- No manual file preparation
- Centralized access data management
- Reduced synchronization errors
- Easy scalability for future enhancements

Flow 2 – CORS to OPC User Provisioning

Requirement

CORS sends user access requests to OIC.

The integration must:

- Create users in OPC
- Assign department access
- Add users to groups
- Return failure responses for unsuccessful group assignments

Solution Design

We exposed a REST API from Oracle Integration Cloud for CORS consumption.

The design was modularized using:

- One Main Integration
- Multiple Child Integrations

This improved reusability and maintainability.

Architecture Overview

Main Integration

The main orchestration integration performs:

- Receives REST payload from CORS
- Validates incoming request
- Calls child integrations
- Consolidates responses
- Sends failure details back to CORS

Child Integration 1 – User Creation

This integration handles:

- User creation in OPC
- User validation
- Existing user checks
- Error handling

Key Features

- Reusable integration
- Can be invoked independently
- Centralized user onboarding logic

Child Integration 2 – Group and Department Assignment

This integration performs:

- Group assignment
- Department mapping
- Role association

If any group assignment fails, the integration captures the failure details.

Failure Handling Mechanism

One important business requirement was to return failed group assignments back to CORS.

Example Failure Scenarios

- Group does not exist
- Invalid department
- User already assigned
- OPC API failure

The integration collected all failed records and prepared a consolidated response.

Sample Response Structure

```json
{
  "status": "PARTIAL_SUCCESS",
  "failedGroups": [
    {
      "user": "ABC123",
      "group": "Finance_Admin",
      "reason": "Group not found"
    }
  ]
}
```
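The consolidation logic described above, as an added example that is not the integration's own code: every group is attempted, failures are collected rather than aborting the request, and unexpected errors are reported with a fixed reason instead of raw error text. The request shape (`user`, `department`, `groups`), the `SUCCESS` and `FAILED` status values, and the stubbed OPC call are assumptions; only the response field names and `PARTIAL_SUCCESS` come from the sample.

```python
class AssignmentError(Exception):
    """Expected business failure from the hypothetical OPC client."""

# Constructed stand-in for OPC: department -> groups that exist there.
KNOWN_GROUPS = {"Finance": {"Finance_Viewer", "Finance_Approver"}}

def fake_assign_group(user, department, group):
    """Hypothetical stub for the child integration's OPC call."""
    if department not in KNOWN_GROUPS:
        raise AssignmentError("Invalid department")
    if group not in KNOWN_GROUPS[department]:
        raise AssignmentError("Group not found")
    if group == "Finance_Approver":
        raise ConnectionError("upstream timeout")  # simulated OPC outage

def validate_request(payload):
    """Reject malformed input before any OPC call is made."""
    if not isinstance(payload, dict):
        raise ValueError("payload must be a JSON object")
    user, dept = payload.get("user"), payload.get("department")
    groups = payload.get("groups")
    if not all(isinstance(v, str) and v.strip() for v in (user, dept)):
        raise ValueError("user and department must be non-empty strings")
    if not isinstance(groups, list) or not groups:
        raise ValueError("groups must be a non-empty list")
    if not all(isinstance(g, str) and g.strip() for g in groups):
        raise ValueError("group names must be non-empty strings")
    return user, dept, list(dict.fromkeys(groups))  # drop duplicates

def provision(payload, assign_group=fake_assign_group):
    """Try every group; collect failures instead of stopping at the first."""
    user, dept, groups = validate_request(payload)
    failed = []
    for group in groups:
        try:
            assign_group(user, dept, group)
            continue
        except AssignmentError as exc:
            reason = str(exc)
        except Exception:
            reason = "OPC API failure"  # do not echo internal error text
        failed.append({"user": user, "group": group, "reason": reason})
    if not failed:
        status = "SUCCESS"  # assumed value, not shown in the post
    elif len(failed) == len(groups):
        status = "FAILED"  # assumed value, not shown in the post
    else:
        status = "PARTIAL_SUCCESS"
    return {"status": status, "failedGroups": failed}
```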

OIC Components Used

| Component | Usage |
| --- | --- |
| Scheduled Orchestration | OPC to CORS sync |
| REST Adapter | Expose APIs and consume OPC APIs |
| FTP/SFTP Adapter | File upload |
| Stage File | File generation |
| Assign & Map | Data transformation |
| Scope & Fault Handler | Error handling |
| Child Integrations | Modular architecture |

Key Advantages of the Solution

Modular Design

Using child integrations improved:

- Reusability
- Maintainability
- Independent testing

Better Error Tracking

Detailed failure responses helped CORS quickly identify provisioning issues.

Scalable Architecture

The solution can easily support:

- Additional departments
- More user attributes
- Future access models

Conclusion

This integration solution using Oracle Integration Cloud enabled seamless synchronization and automated user access management between CORS and OPC.

The implementation provided:

- Automated provisioning and revocation
- Secure file-based synchronization
- REST-based onboarding
- Modular child integration architecture
- Detailed failure reporting

This approach significantly reduced manual effort while improving access governance and operational efficiency across systems.
